NETWORK SECURITY
FIREWALLS
|
Question
[CLICK ON ANY CHOICE TO KNOW THE RIGHT ANSWER]
|
|
|
Web Application Firewall
|
|
|
Software-defined Networking
|
|
|
OS Integrated Firewall
|
|
|
None of the above
|
Detailed explanation-1: -A web application firewall (WAF) is a firewall that monitors, filters and blocks data packets as they travel to and from a website or web application. A WAF can be either network-based, host-based or cloud-based and is often deployed through a reverse proxy and placed in front of one or more websites or applications.
Detailed explanation-2: -Proxy firewalls, also known as application-level firewalls, filter network traffic at the application layer of the OSI network model. As an intermediary between two systems, proxy firewalls monitor traffic at the application layer (protocols at this layer include HTTP and FTP).
Detailed explanation-3: -A web application firewall (WAF) protects web applications from a variety of application layer attacks such as cross-site scripting (XSS), SQL injection, and cookie poisoning, among others. Attacks to apps are the leading cause of breaches-they are the gateway to your valuable data.
Detailed explanation-4: -A good rule would be permit tcp any WEB-SERVER1 http . permit ip any any WEB-SERVER1-Allows all traffic from any source to a web server. Only specific ports should be allowed; in the case of a web server, ports 80 (HTTP) and 443 (HTTPS). Otherwise, the management of the server is vulnerable.
Detailed explanation-5: -Proxy firewalls operate at the application layer as an intermediate device to filter incoming traffic between two end systems (e.g., network and traffic systems). That is why these firewalls are called ‘Application-level Gateways’.